can't figure out how to log in

[ghosttie]

If I go to https://app.encryptic.org/ it says "You opened Encryptic for the first time on this device." which is not true, I want to log into my existing account not create a new one

[daed]

Same browser, same device? That's strange.

What browser? What operating system? Did you clear site data/settings/cookies (don't do this if you haven't) since your previous visit?

[ghosttie]

Yes it's the same machine, Chrome, Windows 10

[ghosttie]

How is it supposed to work? Presumably we should be able to log in from different machines

[daed]

Shouldn't be any issues there. Do you have any extensions enabled / what are they?

If you go into developer tools, then to application, and then click on IndexedDB, what do you have listed under that? There should be a "lav-default" and a "lav-(whatever your user name is)"

[daed]

WRT "should be able to log in from different machines":

It runs kind of counterintuitive to what you would expect from something on "the web", but we don't store ANY user data. Every last bit of it is stored on your local computer in your brower's storage. This is done by design because that way we don't have a user database to break into or if a .gov approached me asking for a user's data or encryption keys, I wouldn't be able to give it even if I wanted to. I can't think of a more secure model than that.

The downside to this is a relative lack of convenience. You have to set up Dropbox or (eventually when I get it working) RemoteStorage synchronization in order to use it between different computers.

I'd be willing to eventually get a hosted or semi-hosted service set up for user data, but not until I find one I'm satisfied with regarding how the data is stored. Even then it will be optional and come with appropriate warnings.

[ghosttie]

Uh yeah quite a few

Amazon Assistant Data Saver eReaderIQ Integrator Google +1 Button Google Cache Grabber Google Docs Offline Google Hangouts Google Publisher Toolbar Google Tasks Inbox by Gmail Kicktraq Link Shortener for Amazon Mercury Reader Office Editing for Docs, Sheets & Slides Page Analytics (by Google) RSS Subscription Extension (by Google) Save to Pocket The Tracktor - Price History Tracker uBlock Origin WME Toolbox

Yeah I have lav-default, lav-ghosttie and notes-db. There's stuff under lav-default/profiles, lav-ghosttie/configs and notes

[daed]

I can't imagine any of those would cause problems. Ublock would be most likely and it's fine (at least on default settings) based upon my own testing.

lav-default should contain a profiles that has a key of "ghosttie" containing a username, privateKey, and publicKey. Don't paste those here, but confirm that they at least exist.

Other than that, the presence of configs and notes in lav-ghosttie should be all you need for the profile to show up.

Can you make another profile under a different name and see if your profile shows up in the login screen after? Maybe call it "test" or whatever?

[ghosttie]

lav-default/profiles has a key of ghosttie but a value of null

[ghosttie]

I added a test profile, that one does have keys in lav-default/profiles but the login screen only lists test

[daed]

Okay. If it's lost your private key, that's going to make recovery tricky. I haven't seen that one happen yet.

Did you download the private key when you first made the profile? If so then I'll work on a recovery process. If not then I'm not sure there's anything we can do to recover those notes. I'm not sure where the key would have gone as there's not really many places that write to the key after profile creation.

[ghosttie]

Yeah downloading the key is a mandatory part of the sign up process

[glocalglocal]

You have to set up Dropbox or (eventually when I get it working) RemoteStorage synchronization in order to use it between different computers.

I suspect it's not that easy but how about not privileging Dropbox and offering access to other cloud storage services? As the file is encrypted it is secure to store it on Google Drive, OneDrive etc. Others may prefer GDPR-friendly Box, or (like myself) MEGA.nz with its open source, zero-knowledge features.

[daed]

I need to test this later, so don't do it until I have a chance to make sure it's safe. We are in uncharted water here.

Procedure:

1. Create another ghosttie profile.
2. Log in. Notes will appear blank because they won't be able to decrypt with the new private key.
3. Go to settings -> backup and backup everything.
4. Open the backup (it's a zip file) and open the profiles.json file.
5. Open the .asc file containing your private key. 6a. Replace the contents of the privateKey block in profiles.json with the contents of the asc file. You will need to remove the newlines and replace them with '\r\n'. 6b. Remove the publicKey section.
6. Create a new account in encryptic and click the import button and use the zip file you modified.

I think that should work, but let me confirm before you do it so that you don't risk losing anything.

Some of those steps are a little convoluted. I could probably write something to automate it for you if that would help. Do you have access to node or python on this computer? I don't know if I could do it from a browser as there's limited ability to interact with files from there.

[daed]

I had to fix a few bugs in the import process (man, that thing is a nightmare) but I have a fix that should work:

Procedure:

1. Create another ghosttie profile.
2. Log in. Notes will appear blank because they won't be able to decrypt with the new private key.
3. Go to settings -> backup and backup everything.
4. Open the backup (it's a zip file) and open the profiles.json file.
5. Open the .asc file containing your private key. 6a. Replace the contents of the privateKey block in profiles.json with the contents of the asc file. You will need to remove the newlines and replace them with '\r\n'. 6b. Remove the publicKey section.
6. Create a new account in encryptic, immediately click the import button without entering a username (it should get it from the backup) and use the zip file you modified.

I tested that (Win 10, Firefox latest) and it worked fine.

If that's an unreasonable set of steps, let me know and I'll see if I can write something to do it for you.

[echo-ray]

Hi, @daed I may met similar issue I create an account called ray, and I downloaded the key(file ended in .asc) but when I refresh the page and delete cookies(I do it on purpose) I can't successfully import the key and recovery my account, neither with the backup zip file. (this issue happens with osx and chrome)

[Maks-s]

@echo-ray This happens because notes aren't stored in cookies, but in Indexed DB. You can access it on Firefox by doing F12 => Storage => Indexed DB

[daed]

The issue with the backup zip file is different. Something is causing notes to not be decrypted properly on import. It's not related to the decryption library because I can decrypt it via an independent script. See #90. I'm working on a fix.

[daed]

I'm putting out a new release. I think I've fixed a lot of the issues regarding login/import/sync. I would like to hear if this is still an issue for anyone on the new 0.1.0 release.

[echo-ray]

I will try it sometime later. Thanks for your work!